iam
Basics
Problem
Solution
- IAM has the same level of permissions and authorization as the root user in the account
Three main jobs
Key features
- No cost
- Global service/Global resilience
- Allow or deny its identities on its AWS account
- No direct control on external accounts or users
- Identity federation and MFA
- Use Facebook, Twitter, Google, etc. to access AWS resources
Access Keys
Key features
- An IAM user has 1 username and 1 password
- An IAM user can have two access keys
- Access keys are provided during initialization and are used to access the AWS CLI
- Access keys can be created, deleted, made inactive, or made active
- They should be deleted and recreated if they are leaked
- Access keys consists of two parts
- Access Key ID: ABABABABABABABA
- Secret Access Key: oWerWRhoefWO/RIOF/DFLWAnljef